Add Active Directory User to Local Group

svh1985

Hello! I have some code that add's users to my local administrator group. But what i would like to accoplish is to add a user from an active directory to my localmachine admin group. My code can add a local user to the local admin group. I tried to alter the LDAP string for the ActiveDirectory connection but now it fails to add the domain user to the localmachine admin group. The AD LDAP String: ldap://SERVERNAME01:389/CN=TESTUSER01,CN=Users,DC=DOMAIN01,DC=local The Test String: WinNT://WORKGROUP/STEPHAN-F894E19/TestUser1 The Test String works the AD LDAP String doesn't work. Can anyone help me with this? Thanks! the Code:

   private void AddUserToGroup() 
    { 
        try 
        { 
            DirectoryEntry AD = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer"); 
            DirectoryEntry grp; 

            grp = AD.Children.Find("Administrators", "group"); 
            if (grp != null) { grp.Invoke("Add", new object\[\] { "WinNT://WORKGROUP/STEPHAN-F894E19/TestUser1" }); } 
            MessageBox.Show("Account Created Successfully"); 
        } 
        catch (Exception ex) 
        { 
            MessageBox.Show(ex.Message); 
        } 
    }

svh1985

i Found this code on CodeProject:

public void AddToGroup(string userDn, string groupDn)
{
try
{
DirectoryEntry dirEntry = new DirectoryEntry("LDAP://" + groupDn);
dirEntry.Properties["member"].Add(userDn);
dirEntry.CommitChanges();
dirEntry.Close();
}
catch (System.DirectoryServices.DirectoryServicesCOMException E)
{
//doSomething with E.Message.ToString();

}

}

But can anyone show me a sample LDAP String , UserDn String and a GroupDn String? Thanks!

lane0p2

LDAP string - LDAP://CN=Administrator,CN=Users,DC=aDomain,DC=com userDN - CN=aUser,CN=Users,DC=aDomain,DC=com DN means distinguishedName cool?